Update your system and delete any malware. The first thing you should do if your account gets hacked is to run an end-to-end antivirus scan. This means skipping the "quick scan" setting in favor of a deep scan to identify and eliminate not only all forms of malware (including Trojans and spyware to keyloggers that could be tracking your keystrokes even after the hack has been identified) and potentially unwanted applications. It's important to make sure you're clean before you change any of your other sensitive information to avoid restarting the cycle. Also, set your security software, internet browser, and operating system to update automatically. Click here for a list of free online security scanning software.

Review Social Media Accounts. Look for changes your social networking sites, look for changes to the account since you last logged in. Look at your personal details, review any third-party apps connected to your account, and check your security questions and answers and your backup email addresses and/or phone numbers. If you think your hacker had a chance to scan your security questions and backup accounts, try to change these on the compromised account and on any other account that relies on the same information. This will prevent the bad actor from using your personal details to breach other accounts in the future.

Change Your Passwords. Once your computer is free of malware, it's time to change your password. If you've lost access to your account, you may need to contact the email provider directly, prove who you are and ask for a password reset. Choose a new password that is very different from your old one and make sure it doesn't contain strings of repeated characters or numbers. Your password should be unique for each account, complex (i.e., a mix of letters, numbers and special characters) and at least 15 characters long. Learn more about passwords here.

Contact Other Online Services. It's critical to change your passwords with other payment-based accounts such as Amazon, Netflix, LinkedIn, credit card companies, etc. Make sure you use different passwords for every online account.

Notify People You Know. Tell your friends, family and anyone else on your email contact list that they might have gotten a malicious link.. During the period when attackers had control of your account, they could have sent dozens or even hundreds of fraudulent emails to everyone you know, in turn giving them access to a new set of victims.

Change Your Security Questions. While your password was the most likely attack route, it's also possible that hackers broke into your account after answering your security questions. Many users choose the same answer to common security questions. In order to further protect your email, be sure to employ the multi-factor authentication that many providers allow to gain access to your password, including using secondary email addresses or text messages, since security questions alone are not enough.

Report the Hack. If you haven't already, contact your email provider and report the hack. This is important even if your hacked email didn't cause you to lose access since it helps providers track scam-based behavior. In addition, your email provider may be able to offer details about the origin or nature of the attack.

Consider Your ID Protection Options. If you've been hacked, another idea worth considering is an ID protection service. These services typically offer real-time email and online retail account monitoring, in addition to credit score reporting, and personal assistance in the event of an identity theft. Your financial institution will offer this program for a small monthly fee.

Review All Email Accounts. If the breach affected a service that includes email, such as your Google account, check the email account for sent messages or for new filters. For example, clever hackers can set up filters that forward all incoming mail to an address you don't recognize. Delete such filters to prevent people from worming their way back into your account in the future. This is particularly important because you can reset many other accounts' passwords, and receive notifications about suspicious activity, over email. You don't want an eavesdropper to nab those recovery messages. Also, check that your email signature and "away" message don’t contain unfamiliar links or forwards.

Create a New Email Account. Sometimes it's not worth picking up where you left off. If this isn't the first time hacked email has been a problem, or if your provider doesn't seem to be taking steps to mitigate the amount of spam you receive, it may be time for a switch. Look for a service that offers default encryption of your emails and solid customer service in the event of an issue.

Keep a minimum of three email accounts. Your first email account should be used for personal conversations and contacts, and your third email account should be used as a general catch-all for all hazardous behavior.

Your second email account should be your work account that is used exclusively for work-related conversations. Don't risk your company's security by using a personal computer or email address at work.

Your third 'catch-all' account should be used to sign up for newsletters and contests. You should plan on having to dump and change out this account every six months.

When you are checking your email at a public computer, you need to log out of your email and close the browser window completely.

Delete browser cache, history and passwords.

Mozilla Firefox - Ctrl+Shift+Del

Opera – Tools + Delete Private Data.

Microsoft - Tools + Internet Options

click 'Clear History', 'Delete Cookies', and 'Delete Files'

Google – More tools + Clear browsing data

Do not use un-secure email accounts to send and receive sensitive corporate information.

Unless you need a written record of something or are communicating across the globe, consider whether a simple phone call rather than an email is a better option. Compared with accessing email through a public computer, a phone call is more secure option.

Be careful forwarding email. Forwarding emails can create a significant security threat for yourself and the earlier recipients of the email. As an email is forwarded, the recipients of the mail (until that point in time) are automatically listed in the body of the email. As the chain keeps moving forward, more and more recipient ids are placed on the list.

Phishing is a type of online fraud wherein the sender of the email tries to trick you into giving out personal information or clicking on a link as a method to try to steal your identity or your money.

Don’t send personal and financial information via email. Banks and online stores provide, almost without exception, a secured section on their website where you can input your personal and financial information.

Avoid writing any company that requests that you send them private financial or personal information via email.

Be careful when unsubscribing to newsletters you never subscribed to. If you don't specifically remember subscribing to a newsletter, you are better off just blacklisting the email address.

If you accidentally open a phishing email, do not reply or click on the link in the email. If you want to verify the message, manually type in the URL into your browser.